From d25ea894604acf480cf83d4812397d2febd24d7b Mon Sep 17 00:00:00 2001 From: Sergei Maertens Date: Thu, 2 May 2024 14:11:47 +0200 Subject: [PATCH] :pencil: [#94] Update documentation and mention dots in claims are supported --- docs/quickstart.rst | 18 +++++++++++++----- .../migrations/0002_migrate_to_claim_field.py | 8 +++++++- mozilla_django_oidc_db/utils.py | 1 - 3 files changed, 20 insertions(+), 7 deletions(-) diff --git a/docs/quickstart.rst b/docs/quickstart.rst index ab50736..72e0fdd 100644 --- a/docs/quickstart.rst +++ b/docs/quickstart.rst @@ -163,7 +163,8 @@ The name of the claim that is used for the ``User.username`` property can be configured via the admin (**Username claim**). By default, the username is derived from the ``sub`` claim that is returned by the OIDC provider. -If the desired claim is nested in one or more objects, its path can be specified with dots, e.g.: +If the desired claim is nested in one or more objects, you can specify the segments +of the path: .. code-block:: json @@ -175,10 +176,13 @@ If the desired claim is nested in one or more objects, its path can be specified } } -Can be retrieved by setting the username claim to ``some.nested.claim`` +Can be retrieved by setting the username claim (array field) to: -.. note:: - The username claim does not support claims that have dots in their name, it cannot be configured to retrieve the following claim for instance: +- some +- nested +- claim + +If the claim has dots in it, you can specify those in a segment: .. code-block:: json @@ -186,6 +190,10 @@ Can be retrieved by setting the username claim to ``some.nested.claim`` "some.dotted.claim": "foo" } +can be retrieved with: + +- some.dotted.claim + User profile ------------ @@ -254,4 +262,4 @@ and ``OIDCAuthenticationBackend.config_class`` to be this new class. .. _mozilla-django-oidc settings documentation: https://mozilla-django-oidc.readthedocs.io/en/stable/settings.html -.. _OIDC spec: https://openid.net/specs/openid-connect-discovery-1_0.html#WellKnownRegistry \ No newline at end of file +.. _OIDC spec: https://openid.net/specs/openid-connect-discovery-1_0.html#WellKnownRegistry diff --git a/mozilla_django_oidc_db/migrations/0002_migrate_to_claim_field.py b/mozilla_django_oidc_db/migrations/0002_migrate_to_claim_field.py index c98ee72..51df481 100644 --- a/mozilla_django_oidc_db/migrations/0002_migrate_to_claim_field.py +++ b/mozilla_django_oidc_db/migrations/0002_migrate_to_claim_field.py @@ -6,10 +6,16 @@ import mozilla_django_oidc_db.fields import mozilla_django_oidc_db.models +import mozilla_django_oidc_db.settings as oidc_settings def flush_cache(): - if not (cache_name := getattr(settings, "SOLO_CACHE", "")): + cache_name = getattr( + settings, + "MOZILLA_DJANGO_OIDC_DB_CACHE", + oidc_settings.MOZILLA_DJANGO_OIDC_DB_CACHE, + ) + if not cache_name: return caches[cache_name].clear() diff --git a/mozilla_django_oidc_db/utils.py b/mozilla_django_oidc_db/utils.py index d790753..8a16aa4 100644 --- a/mozilla_django_oidc_db/utils.py +++ b/mozilla_django_oidc_db/utils.py @@ -28,7 +28,6 @@ def obfuscate_claims(claims: dict, claims_to_obfuscate: list[list[str]]) -> dict copied_claims = deepcopy(claims) for claim_bits in claims_to_obfuscate: claim_path = Path(*claim_bits) - # NOTE: this does not support claim names that have dots in them claim_value = glom(copied_claims, claim_path) assign(copied_claims, claim_path, obfuscate_claim_value(claim_value)) return copied_claims